AWS S3 Bucket Policy Enforces Secure Access
Risk: Low
Remediation Effort: Low
This policy validates that all S3 Buckets enforce secure (HTTPS) access. This enforces encryption in transit of all information read from the bucket.
Remediation
To remediate this, add the following condition to the S3 Bucket Access Policy:
policy.json
```json
{
  "Version": "2012-10-17",
  "Id": "Policy1504640911349",
  "Statement": [
    {
      "Sid": "Stmt1504640908907",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::/*",
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      }
    }
  ]
}
```
policy.yml
```yaml
# Quoted so YAML parsers read the version as a string, not a date
Version: '2012-10-17'
Id: Policy1504640911349
Statement:
  - Sid: Stmt1504640908907
    Effect: Deny
    Principal: '*'
    Action: s3:GetObject
    Resource: arn:aws:s3:::/*
    Condition:
      Bool:
        aws:SecureTransport: 'false'
```
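The following is an added example, not part of the original page or of the policy scanner's own code: a Python check that a bucket policy carries the Deny statement shown above for a given bucket. The bucket name `example-bucket`, the function names, and the use of `fnmatch` to approximate IAM wildcard matching are assumptions made for illustration.

```python
import json
from fnmatch import fnmatchcase

def _as_list(value):
    # IAM accepts either a single value or a list in most policy fields.
    return value if isinstance(value, list) else [value]

def _is_insecure_transport_deny(stmt):
    """True for a Deny on all principals conditioned on aws:SecureTransport=false."""
    principal = stmt.get("Principal")
    everyone = principal == "*" or (
        isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", [])))
    if stmt.get("Effect") != "Deny" or not everyone:
        return False
    for operator, keys in stmt.get("Condition", {}).items():
        for key, value in keys.items():
            # Key names are case-insensitive; the value may be "false" or JSON false.
            if (operator.lower() == "bool" and key.lower() == "aws:securetransport"
                    and all(str(v).lower() == "false" for v in _as_list(value))):
                return True
    return False

def enforces_https(policy_json, bucket, action="s3:GetObject"):
    """Return True if the policy denies `action` on the bucket's objects over HTTP."""
    if not policy_json:
        return False  # no bucket policy attached, so nothing rejects HTTP
    # The Resource pattern must cover every object, i.e. match the ARN ending in /*.
    objects_arn = f"arn:aws:s3:::{bucket}/*"
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        action_ok = any(fnmatchcase(action.lower(), a.lower())
                        for a in _as_list(stmt.get("Action", [])))
        resource_ok = any(fnmatchcase(objects_arn, r)
                          for r in _as_list(stmt.get("Resource", [])))
        if action_ok and resource_ok and _is_insecure_transport_deny(stmt):
            return True
    return False

# Constructed sample: the page's statement with a placeholder bucket name filled in.
SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Deny", "Principal": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/*",
    "Condition": {"Bool": {"aws:SecureTransport": "false"}}}})

if __name__ == "__main__":
    print(enforces_https(SAMPLE, "example-bucket"))
```

An Allow statement conditioned on `aws:SecureTransport` being `true` does not pass this check, because only an explicit Deny overrides access granted elsewhere.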
Reference